OpenPMF™ Makes Security Policy Manageable Through Automation Our OpenPMF™ Security Policy Automation Platform turns human-manageable security policies automatically into the matching preventive technical implementation.
OpenPMF™ lets you manage security policies in customizable terms that matter to your organization. You can use OpenPMF™ as a on-premises installation or as a cloud-hosted service. Without OpenPMF, creating many fine-grained technical security (esp. for access control and auditing) rules is too costly, cumbersome and error-prone. And – even worse – without OpenPMF, updating many fine-grained technical security rules whenever the application landscape changes results in a maintenance cost explosion. OpenPMF automates much of the policy creation, and reduces the update maintenance cost close to zero.
What problem does OpenPMF solve?
When securing your organization’s interconnected IT landscape…There are too many rules & configurations, and too many changes to do this manually. It’s unmanageable. The policy you wanted isn’t all that complex and long if you write it out in human-intuitive concepts and terms. The policy gets very simple if you capture it in generic concepts.OpenPMF lets you easily author such generic policies and many more advanced generic policies. OpenPMF automatically calculates the matching technical rules & configurations. Even better, such generic policies won’t need to be changed often, even if your IT landscape changes! OpenPMF simply re-calculates the technical updates for you!
…are you going to manually configure & maintain all security rules and configurations everywhere?
How does OpenPMF work?
OpenPMF’s policies are captured in generic terms , rather than in technical security rules. This way, OpenPMF policies typically do not have to change when the application landscape (e.g. web application interactions) changes. OpenPMF automatically generates the technical security enforcement rules from those models by automatically analyzing the applications with all their interactions, and inferring which rules are required to enforce the requirements defined in the models. OpenPMF (patent-pending) ensures policies are manageable even if IT landscapes are large and change dynamically. The result is a significant cost saving, esp. with respect to maintenance.
“Industry specialists agree that over 70% of all security break-ins happen on the application layer, not on the network layer. In order to ensure that enterprise security policies and regulations are adequately addressed on the application layer, matching fine-grained access policies need to be enforced reliably and consistently. And at low cost and low maintenance. Without application access control and auditing, enterprises would leave the most important layer in their IT landscape unprotected.”
OpenPMF let’s you:
- Import, analyze and visualize your networks & applications. OpenPMF uses your existing information to simplify policy automation.
- Import existing security policies into OpenPMF as a basis for the policies you will manage in OpenPMF.
- Author policies in generic, intuitive, and rich concepts, using terms you choose.
- Generate enforcement technical rules & configurations at the click of a button.
- Test policies using formal methods. For example, you can test whether certain policies can or cannot occur.
- Document compliance & natural language policy in English language text exported at the click of a button.
- Enforce policies via OpenPMF’s own runtime.
- Export security configurations into 3rd party products using OpenPMF’s rapidly customizable exporter.
- Monitor via OpenPMF’s own runtime. Many technologies out-of-the-box and import 3rd party alerts.
- Automatically update & rapidly customize policies when your IT landscape changes and policies & enforcement for your organization.